Opened 3 years ago

Closed 3 years ago

Last modified 3 years ago

#4530 closed task (fixed)


Reported by: Bruce Dubbs Owned by: lfs-book
Priority: high Milestone: 9.1
Component: Book Version: SVN
Severity: normal Keywords:


New point version.

Change History (3)

comment:1 by Bruce Dubbs, 3 years ago

E2fsprogs 1.45.4 (September 23, 2019) Fixes

  • A maliciously corrupted file systems can trigger buffer overruns in the quota code used by e2fsck. (Addresses CVE-2019-5094)
  • E2fsck now checks to make sure the casefold flag is only set on directories, and only when the casefold feature is enabled.
  • E2fsck will not disable the low dtime checks when using a backup superblock where the last mount time is zero. This fixes a failure in xfstests ext4/007.
  • Fix e2fsck so that when it needs to recreate the root directory, the quota counts are correctly updated.
  • Fix e2scrub_all cron script so it checks to make sure e2scrub_all exists, since the crontab and cron script might stick around after the e2fsprogs package is removed.
  • Fix e2scrub_all so that it works when the free space is exactly the snapshot size.
  • Avoid spurious lvm warnings when e2scrub_all is run out of cron on non-systemd systems
  • Update the man pages to document the new fsverity feature, and improve the documentation for the casefold and encrypt features. Performance, Internal Implementation, Development Support etc.
  • Fixed various debian packaging issues.
  • Fix false positive test failure in f_pre_1970_date_encoding on 32-bit systems with a 64-bit time_t.
  • Fixed various compiler warnings.
  • Update translations

comment:2 by Bruce Dubbs, 3 years ago

Resolution: fixed
Status: newclosed

Fixed at revision 11679.

comment:3 by Douglas R. Reno, 3 years ago

Priority: normalhigh

Promote to high for CVE-2019-5094.

Note: See TracTickets for help on using tickets.